1. Field of the Invention
This invention relates generally to data protection, and in particular to protection of data on a communication device.
2. Description of the State of the Art
In a corporate environment, employees are often provided with access to office supplies and equipment to be used in performing job functions, typically including at least a personal computer (PC), and often also including wireless mobile communication devices and other types of electronic devices. Confidential or otherwise sensitive user information, employer information, or both, may be stored on any of this equipment. Although user equipment, such as a PC, which remains at an employer's premises is physically secured by the employer, portable or mobile devices, by their nature, are more likely to be misplaced or stolen, and are thus less secure. It is therefore often desirable to protect sensitive information on mobile devices to prevent an unauthorized party from accessing such information on lost or stolen user equipment.
One common type of security measure for mobile devices enabled for communications, such as wireless mobile communication devices, is to ensure that sensitive information is transferred to such mobile devices securely. Although information transfer is secure, these measures only protect information during transfer, not after the information has been received by a mobile device.
According to another known security scheme, received information is encrypted when or before it is stored in a memory. Decryption of stored encrypted information requires access to a cryptographic key. Symmetric key cryptography, in which a single key is used for both encryption and decryption, is generally preferred for mobile devices having limited processing resources, because symmetric key cryptographic operations are faster and less processor-intensive than those associated with other cryptography schemes. Access to this single key must be controlled, using password protection for example, so that an unauthorized user cannot simply read the key from memory on a lost or stolen mobile device and then decrypt all encrypted content stored on the mobile device. However, this may result in situations where the key is not accessible when information is received at a mobile device.
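The limitation described above can be seen in a short sketch, added here as an illustration and not taken from the patent: a symmetric content key is kept only in password-wrapped form, so received data cannot be encrypted for storage while the device is locked. The names `KeyStore`, `LockedError`, `store_received` and `read`, the PBKDF2 parameters and the HMAC-based stand-in cipher are all assumptions made for the example.

```python
import hashlib, hmac, os
class LockedError(Exception): pass  # content key needed while the device is locked

def _keystream(key: bytes, nonce: bytes, n: int) -> bytes:
    # Stand-in stream cipher (HMAC-SHA256 in counter mode) so the example needs
    # only the standard library; it gives confidentiality only, no integrity.
    out, ctr = b"", 0
    while len(out) < n:
        out += hmac.new(key, nonce + ctr.to_bytes(4, "big"), hashlib.sha256).digest()
        ctr += 1
    return out[:n]

def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

class KeyStore:  # hypothetical name, not from the page
    def __init__(self, password: str):
        self.salt = os.urandom(16)
        pad, mac_key = self._derive(password)
        # Only the wrapped key and its check tag are kept in persistent memory.
        self.wrapped = _xor(os.urandom(32), pad)
        self.tag = hmac.new(mac_key, self.wrapped, hashlib.sha256).digest()
        self._key = None  # plaintext content key exists only while unlocked

    def _derive(self, password: str):
        dk = hashlib.pbkdf2_hmac("sha256", password.encode(), self.salt, 100_000, 64)
        return dk[:32], dk[32:]

    def unlock(self, password: str) -> bool:
        pad, mac_key = self._derive(password)
        expect = hmac.new(mac_key, self.wrapped, hashlib.sha256).digest()
        if not hmac.compare_digest(expect, self.tag):
            return False  # wrong password: the key stays wrapped
        self._key = _xor(self.wrapped, pad)
        return True

    def lock(self) -> None:
        self._key = None

    def store_received(self, data: bytes) -> bytes:
        if self._key is None:  # the situation the page describes
            raise LockedError("cannot encrypt received data while locked")
        nonce = os.urandom(12)
        return nonce + _xor(data, _keystream(self._key, nonce, len(data)))

    def read(self, blob: bytes) -> bytes:
        if self._key is None:
            raise LockedError("cannot decrypt stored data while locked")
        return _xor(blob[12:], _keystream(self._key, blob[:12], len(blob) - 12))
```
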